• Enable Browser URLs

    ControlUp has the ability to display a users active Internet Explorer URLs within the Console. This feature needs to be enabled within the Console Settings and configured. This visibility into browser activity allows administrators the ability to identify run away browser processes and problematic websites. 

     

     In order to enable viewing Browser URLs in the Console Grid follow these steps:

    1) Go to Settings -> Browser URLs

    browser_URLs_002_001.png

    2) Check the box "Monitor URLs for browser processes"

    Browser_URLs_001_001.png

     

    Once you have checked the box to enable the setting you will begin seeing URLs for new IE tabs or browsers opened within the Processes tab of the Console Grid. 

  • Display Settings

    This tab allows you to select display preferences, such as whether you would like to show or hide system sessions, full computer names and navigation history.

    Enable Grouping – shows the grouping bar above the information grid, which allows for dragging any column header to the bar to group records by that column

    Show System Sessions – by default, the “System(1)” and “Services(0)” sessions are hidden on server machines in ControlUp, so the only sessions you see are real human users. Enable this checkbox to display the system and services sessions.

    Show Full Computer Names – this checkbox determines whether the Organization Tree should show full computer names (FQDNs) or flat names.

    Show Navigation Bar – display the “Back” and “Forward” buttons above the information grid.

    Show Navigation History – display the “History” dropdown above the information grid.

    Show Actions Task Pane – display available management actions in a separate pane on the right.

    Show Configuration Error Balloon – in case of an error during an update to the central configuration, display a balloon in the status bar indicating that not all changes may be saved.

    Show Disconnected Computers – if you disable this checkbox, computers will not be displayed in ControlUp unless they are in the “Ready” state, meaning that disconnected computers will disappear from the information grid.

    Show Parent View Record – when this option is enabled and a record is double clicked or focused on, the information grid will display the parent record information on top of the grid as well as its child objects below.

    Show Computers with Errors – display computers on the information grid even if their connection status is currently in error. This option can be disabled to support scenarios in which not all computers are accessible or powered on.

    Show Powered Off Computers – display computers for which the hypervisor layer has reported a “Powered Off” status.

    Show Unmanaged VMs – display computers discovered via the hypervisor layer, to which ControlUp Agent has not been deployed.

    Note: ControlUp includes a full screen mode, which can be invoked by pressing F11. If you would like ControlUp to open in full screen mode automatically upon launch, specify the “/fullscreen” command line parameter when launching the console executable.

  • Agent Settings

    The Agent Settings tab of the Settings window allows you to select your preferred agent installation options:

    • Default port(40705 by default). You may select a custom TCP port number for client communications using the “Listen on port” field in the bottom right corner of the window. Please ensure the port number you select is not utilized for any other applications on your network
    • Check ping – by default, all selected computers are pinged before agent distribution to ensure connectivity. If your managed computers do not respond to ICMP traffic, you may uncheck the “Check Ping Reply” checkbox in the Add Computers window.
    • Prerequisites check – by default, all selected computers are tested for .Net Framework presence before agents are distributed. This test may be bypassed by unchecking the “Check Pre-requisites” checkbox.
    • Agent Installation Mode:
      • Temporary mode (default) – ControlUp agents will be installed upon connection to the managed computer and will automatically uninstall themselves after you disconnect these computers or close ControlUp.
      • Installed Agent Mode – ControlUp agents will persist on the managed computers, which will allow for faster connection. Choose this option for computers that you intend to manage with ControlUp on a regular basis.
    • Auto-Upgrade – by default, ControlUp replaces an older version of the agent if it is found on the remote computer.
    • Auto-Connect Interval – determines the time span between attempts to reconnect to agents if the “auto-connect” checkbox is enabled.
    • Download Agent MSI – use this link to download standalone MSI packages for agent installation.
  • Proxy Settings

    If your network policy requires the use of a proxy server to reach the Internet, this is the place to configure your proxy server settings and authentication credentials, if applicable.

    Note: ControlUp doesn’t support proxy auto-configuration (PAC) files. Please provide your proxy server settings manually.

  • AD Connections

    The AD Connections tab allows you to add managed domains and configure the credentials to be used to connect to these domains. If you are running ControlUp as a domain user, this list may be empty. This means that your current domain credentials are used whenever needed. If you start ControlUp as a local (non-domain) user, you will be prompted for the FQDN of your Active Directory domain and valid domain credentials, which are mandatory for working with ControlUp.

    Domain connections are required for two principal reasons. First, the default method of adding computers is by browsing the Active Directory and domain membership is a mandatory prerequisite for managed computers. Second, ControlUp uses your Active Directory logon information to determine the rights and permissions that will be applied to your console. The Security Policy of ControlUp is based exclusively on Active Directory accounting.

    ControlUp supports managing computers from different Active Directory domains and forests. Even computers that belong to multiple untrusted Active Directory domains and forests can be managed within the same console, provided that you have sufficient credentials to manage computers in those domains and forests. All that is needed is an Active Directory connection, which consists of a domain FQDN and valid credentials.

    The AD connections tab of the Settings window can also be used to enable ControlUp organizations to span multiple Active Directory forests. Every time you log into ControlUp, the list of available organizations is determined based on the Active Directory forest by which your Windows session is currently authenticated. If you create a new ControlUp organization from forest A and then later open ControlUp from a computer logged into forest B, that organization will not be visible on the logon wizard. To enable the display of that organization in forest B, perform the following steps:

    • Open ControlUp in a Windows session logged into forest A
    • Log into your ControlUp organization
    • Using the AD Connections tab of the Settings window, create an AD connection to forest B while providing valid credentials. Click OK.
    • Edit the newly created AD connection. Select the Trust tab and enable the checkbox next to “Allow users from “<forest B>” to login to organizations created in “<forest A>”. Click OK.
    • Now open ControlUp in a Windows session logged into forest B. Your ControlUp organization should be visible on the organizations drop-down list.

    DNS name resolution is a mandatory prerequisite for accessing Active Directory domains with ControlUp. If an untrusted domain is located on your local network (e.g. for testing purposes) but is inaccessible using its FQDN, ControlUp will be unable to verify your credentials and add computers from that domain. In such a case, it is recommended to configure a DNS forwarder to allow access to the DNS namespace of the untrusted domain from your existing AD infrastructure.

  • Credentials Store

    ControlUp supports saving credentials for future reuse. The Credentials Store tab of the Settings window can be used to configure, validate and edit saved credentials.

    Scenarios for Utilizing Saved Credentials

    There are several ways in which ControlUp utilizes saved credentials:

    1. AD Domain Connections may be configured to use a saved set of credentials. This is useful in case your environment includes several AD domains or forests which require different credentials. When an AD connection is configured with a set of saved credentials, those credentials will be utilized when deploying or manipulating ControlUp Agent instances on computers from the respective domain or forest. For more information on AD connections, please refer to this page.
    2. Some management actions support choosing a set of saved credentials when executing the action. For example, when using the “Run Process As” action to execute a process on a managed computer, you can select a set of credentials to use when launching the process.
    3. Remote Desktop connections can be configured to use a saved set of credentials, both individually by using the connection properties, and for entire folders. For more information, please refer to the Remote Desktop Pane section.
    4. When configuring a hypervisor connection, saved credentials are mandatory for enabling data collection from the virtualization layer. Additionally, all ControlUp users need to save the same service account credentials in their credentials store in order to enable data collection from the hypervisors. For more information, please refer to the Connect to the Virtualization Infrastructure section.

    Sharing Credentials between ControlUp Users

    Your saved credentials are stored securely in your Windows user profile directory and are accessible solely using your own Windows user account, even when using shared configuration or when copying your ControlUp settings to another user.

    In online ControlUp environments, credentials stay personal and are never sent to the cloud services or shared with other users. In offline environments, when the centralized configuration feature is not available, sharing the configuration tree and other organization-wide settings between ControlUp users is achieved by copying the %AppData%ControlUp folder between colleagues. It is important to note that this operation does NOT transfer saved credentials between users. When your colleagues start ControlUp with the %AppData%ControlUp copied from your user profile, they will be prompted to reconfigure all saved credentials.

    ControlUp Monitor and Saved Credentials

    If a ControlUp Monitor instance is configured in your organization, please note that its configuration needs to include saved credentials. They are required in order to access all managed computers in your environment. For more information, please refer to the ControlUp Monitor section.

    Local Computer Credentials

    When saving a set of credentials, the domain drop-down allows you to select the “Local Computer” option in order to save non-Active Directory credentials. Use this option in the following scenarios:

    1. You would like to save a username and password for a local (non-domain) Windows user. These credentials can be used for Remote Desktop connections and for management actions that do not require domain access.
    2. Your environment includes a hypervisor connection that requires the use of non-Windows credentials (e.g. XenServer root account).
    3. You regularly connect using Remote Desktop to computers which belong to third-se Active Directory domains, the domain controllers of which are not accessible from your local network. For example, consider an off-site server which belongs to AD domain external.com, for which you have valid AD credentials. You cannot save a set of credentials for the external.com domain in ControlUp, because the DCs for that domain cannot be accessed from your local network in order to validate those credentials. As a workaround, you can pick “Local Computer” from the domain drop-down and enter external.comusername in the User field. This way, the credentials set will be treated as local and will be saved without undergoing local validation.
  • Controller Lists

    Use this tab to configure lists of computers or shares for reuse within the Controllers pane.

  • Export Settings

    Using this setting, ControlUp may be configured to auto-export any information grid view to a CSV file on a scheduled basis. This goal is achieved performed by configuring export rules that instruct ControlUp to write the contents of the information grid to the disk.

    The exported CSV files can be later reviewed and analyzed, either manually or with the help of ControlUp Reporter, which is capable of producing a variety of reports based on the exported files. For more information on ControlUp Reporter, please refer to its product page.

    Note: The export rules you configure in the ControlUp console will only operate when a copy of the console is active. In order to configure ControlUp for continuous export, it is recommended that any export rules will be created on an instance of the ControlUp Monitor service. If you have already configured any export rules using the console, ControlUp will suggest you to move those rules to the first instance of ControlUp Monitor that you install in your organization. For more information on ControlUp Monitor, please refer to this page.

    When creating an export rule, the following information should be provided:

    Export View The name of the view to be exported from ControlUp’s My Organization pane. Every rule may only export one view.
    Days of the week The weekdays during which the export rule should be activated.
    Start time Time of day on which the export rule should begin operating.
    End time Time of day on which the export rule should stop operating.
    Interval A time period that should elapse before a new export file is created.
    Output folder The location to which the exported files will be saved.
    Delete files older than

    The retention period for old export files.

  • Events Settings

    The Events Pane gathers “Error” and “Warning” events from all of your managed computers. Use the following settings to configure the type of events you would like to see:

    Events Retention Period – by default, ControlUp only keeps events in memory for an hour. Use this setting to modify the retention period.

    Note: a drastic increase of the retention period may result in performance degradation.

    Event Type – select the types of event you would like to gather (default – Error, Warning and Audit Failure)

    Excluded Events – configure which events you would not like to see anymore by creating a new filter.

    Frequent Event Filter – by default, when the same event type (by Source and Event ID) appears more than 100 times, ControlUp stops gathering this event. Use this setting to configure the event filter so that you do not see many repetitive events.

  • Security Settings

    Owner – this user is the super-user of the current organization, meaning that security policy restrictions can always be overridden by this user. Remember this in case the security policy is misconfigured to block access for everyone.

    Roles Manager – a user or a group who are able to modify the membership of ControlUp roles.

  • Alerts Settings

    Trigger alerts for the following stress levels – select the Stress Levels for which you would like an alert to be triggered, by ControlUp view.

    Play a sound alert in the console – if enabled, the console will play sound alerts as follow-up actions defined in incident triggers.

    Display stress level alert bubbles – if enabled, notification bubbles will be shown whenever a record reaches a Stress Level, according to the setting above.

    Log stress level alerts – using this setting, you can configure ControlUp to record a message in the Application Event Log when your resources cross a preconfigured stress level. You can then use Windows Scheduled Tasks or your favorite monitoring solution to attach e-mail alerts to these events.

  • Remote Assistance

    RA Password – this is the default password used to create Remote Assistance

    invitations

    ICA – this is the .ica template file used for ICA session shadowing

  • Stress Settings

    As a comprehensive real-time monitoring solution for multi-user environments, ControlUp is capable of displaying a complex and flexible measure of system health, called “Stress Level”, for every monitored resource, be it a folder, computer, user session or process. Stress Level is a numeric column, which is displayed in ControlUp’s grid with the following ranges: None, Low, Medium, High and Critical. Using this column, you can quickly determine the health of your resources, for example by sorting the grid so that highly stressed resources are on top. In this chapter, you will learn how to configure the Stress Level column to optimally represent the current health status of resources in your environment.

    Stress Settings tab layout

    All Stress Level-related settings are configured using the Stress Settings tab of the Settings Window. As seen in the image above, this tab contains a folder tree (1),
    which is identical to the tree displayed in “My Organization” pane, a navigation bar (2)
    for switching between resource types, a counter selection area (3),
    an “Applies To” are for configuring filters (4),
    a Settings area for configuring the computation of the Stress Level value (5)
    and a “Stress Levels” area (6)
    for configuring the boundaries between different levels.

    About Stress Level Inheritance

    Default Settings

    By default, every ControlUp organization contains a single set of Stress Level settings, configured on the root folder of the organization. Unless configured otherwise, these settings are inherited by all child folders and the computers within them.

    Subfolder Inheritance

    ControlUp’s folder tree is designed to allow the user to arrange computers in folders according to their type. For example, you might want to separate your workstations from your servers, and further segment the servers folder into subfolders containing different types of machines. This type of arrangement is generally convenient, and is especially useful for configuring different Stress Level settings for different types of computers.

    Filter Inheritance

    Besides segmenting resources into subfolders, ControlUp also distinguishes between resources automatically, allowing to configure performance counter thresholds which are optimal for each monitored resource. This is done by using filters, which are pre-configured criteria configurable in the counter area.

    COMPUTER FILTERS

    You may configure different thresholds for each computer type using the filter area of each counter configuration. ControlUp distinguishes between the following computer types:

    General Purpose Server – a computer running a server-class Operating System, with no Terminal (Remote Desktop) Services installed. This could be a file server, an Exchange server, a Web server or an SQL server. These computers typically host a limited number of user sessions for administrative purposes, and have most of their resources consumed by background services.

    RDS – a computer running a server-class Operating System with Terminal (Remote Desktop) Services role installed. These computers typically host multiple end-user sessions, running virtualized applications or full-desktop environments.

    Workstation – a computer running a client Operating System, such as Windows 7, 8 or XP. A computer of this type typically hosts a single user session with foreground processes (applications) consuming most of the computer’s resources.

    By default, all filters within every counter inherit its default thresholds. By clicking on the filter name on the left, you can customize the thresholds for each filter, as described below.

    Configuring the Stress Level Computation

    The counter area of the Stress Settings tab allows you to configure which metrics contribute to the computation of the Stress Level column for each resource in ControlUp.

    Per-Counter Configurations

    The counter area includes a row for every column included in each of ControlUp’s views (Folders, Computers, Sessions, Processes, Accounts and Executables). Please note that each view supports a different set of columns. You can switch between views using the navigation buttons on top of the grid.

    Each counter row includes several settings which configure the contribution of that counter to the total Stress Level of the record.

    YELLOW AND RED

    Every counter has a Yellow and a Red zone, with configurable numeric boundaries. In the example above, a computer “CPU” column’s default settings are 80% for Yellow and 90% for Red. Once a computer’s CPU usage climbs to 85%, the cell in its CPU column will become yellow. If the CPU usage drops below 80% again, this cell will go back to green. These changes in the grid should be instantaneous.

    Note: Some counters (such as Free Disk Space) have reverse zone boundaries, i.e. Red values will be lower than Yellow values, since in these cases a lower value indicates a more severe condition.

    DURATION

    Once a Yellow or a Red boundary is crossed, ControlUp tracks the time the value of the counter stays above that boundary. You can configure ControlUp to increase the resource’s Stress Level when this happens, specifying how long should the value stay above the threshold. For example, you may decide that if a computer’s Disk Queue Length value stays over 1 for 1 minute, this may indicate an I/O bottleneck and should affect the computer’s Stress Level, and if the value exceeds 2 for a minute it may indicate a severe I/O issue you might want to be displayed in red, as shown:

    LOAD

    The “Load” value determines how many points should be added to the value of the record’s Stress Level column when a threshold is crossed for the time duration described above. For example, in the Disk Queue example above, if the value stays between 1 and 2 for a minute, the Stress Level will be incremented by 1 point. If the value is above 2, the Stress Level will be incremented by 2 points.

    SEVERITY BY

    To change the value used by the information grid to display the performance data of a column and modify the cell color accordingly, select a computation method from the “Severity by” drop-down list. The following values are available:

    • Current Value – the column will display the present point value of the counter. This is recommended for counters such as “Memory Utilization” or disk free space, for which knowing the most current present value is most valuable.
    • Max – the maximum value recorded in the counter since its sampling started. Valuable mainly for peak analysis and capacity planning.
    • Min – same as the above, referring to the minimum value.

    Note: ControlUp’s performance counters maintain a buffer of samples that were significantly different from previous samples. The number of stored values depends on the variance of the sample. While the computation formulas are beyond the scope of this document, while changing the default computation method for columns, you should keep in mind that “In History” values are computed in relation to more recently received data.

    • Max In History – the maximum value of the counter’s current buffer.
    • Average – the average value computed on all values recorded by the counter since its sampling started. Valuable mainly for long-term analysis and establishing baselines.
    • Average In History – the average value of the counter’s current buffer. Valuable mainly for rapidly fluctuating counters, such as Page Faults/sec and CPU usage.

    In order to illustrate the usage of the above values, let us consider the case of a computer’s “CPU” column. If you select “Average In History” in the “Severity by” drop-down list, you may witness a situation in which the counter will be colored red, while its displayed value is in the “green” range. The reason for this is the fact that the displayed value is based on the current value (e.g. 5%), while the severity color code is based upon the “Average In History” value, which may be high (e.g. 90%). This type of configuration makes sense in most environments, since a momentary peak of CPU usage is usually no cause for alarm, while a prolonged CPU load detected by the “Average In History” value my indicate a performance issue and justifies a color coded severity alert. It is highly recommended that you take extreme care when customizing the counter thresholds and their calculation sources. It is best to consider the variance and fluctuation rate of each counter when planning a change to these values.

    N/A COLOR

    Some counters have a complex computation mechanism, which may fail under certain conditions. For example, when a value of a performance counter cannot be retrieved. For each of the metrics collected by ControlUp, you may decide that a failure to collect a counter’s value in itself represents an issue and should change the color of the column to yellow or red. For example, the XenApp Load.

    Configuring boundaries between Stress Levels

    Using the Stress Levels panel on the left side of the Stress Settings pane, you can customize the numeric boundaries between ControlUp’s stress levels.

    By default, all resources in your organization inherit the following default stress levels boundaries:

    • (No Stress) < 1
    • 1 <= Low < 2
    • 2 <= Medium < 3
    • 3 <= High < 6
    • 6 <= Critical

    Just like the stress level computation settings, these boundaries are configurable on a folder basis, which means that a resource (computer, session or process) with a stress level of 7 may be considered Critical in one folder and Medium in another, according to the needs of your environment.

    In order to customize the Stress Level boundaries for a subfolder:

    1. Switch to the Stress Settings tab of the Settings Window.
    2. Click on the desired subfolder in the organization tree.
    3. Uncheck the “Default Configurations” checkbox in the “Stress Levels” panel just below the tree.
    4. Adjust the numeric boundaries using the sliders or by typing the numbers into the fields corresponding to each level.
    5. Click “Apply Settings” on the Home ribbon.

    In order to reset default Stress Level boundaries for a subfolder:

    1. Switch to the Stress Settings tab of the Settings Window.
    2. Click on the desired subfolder in the organization tree.
    3. Check the “Default Configurations” checkbox in the “Stress Levels” panel just below the tree.
    4. Click “Apply Settings” on the Home ribbon.

    Receiving Stress Level Alerts

    You can configure ControlUp to alert you when resources in your environment reach a configured stress level. For more information, please refer to the Trigger Settings section.

  • Trigger Settings

    Incident Triggers are definitions of significant events that should be recorded by ControlUp. Each trigger includes a list of conditions which specify when will the incident be recorded and which follow-up actions will be performed at that time. The Triggers Settings window is used to define those triggers, while the Incidents Pane is used for viewing and analyzing the resulting incidents.

    Cloud Analytics Triggers

    ControlUp offers built-in incident triggers supplied by ControlUp Cloud Analytics. These triggers are based on vendor recommendations and industry best practices. For example, a “Citrix XenApp Events” trigger delivered by Cloud Analytics defines all event log entries recommended for monitoring by Citrix. From time to time, those triggers will be updated to include new known issues and best practices. The idea behind Cloud Analytics is to provide ControlUp users with information about events that are known to correspond to known issues.

    User-defined Triggers

    ControlUp users can configure their own incident triggers to record irregularities, errors, performance issues and other events specific to the monitored environment. Incident triggers are stored in the organization’s public configuration set, meaning that there is only one set of triggers shared by all users in a ControlUp organization. In order to make changes to the triggers, the user needs the “Configure Incident Triggers” organization-wide permission.

    Creating and Modifying an Incident Trigger

    Step 1: Selecting an Incident Type

    In order to create an incident trigger, click on the “Add Trigger” button on the “Triggers Settings” window. A New Incident Trigger wizard will open. The first stage in creating a trigger is choosing the incident type. The following incident types are supported:

    • Stress Level – captures an increase in a record’s Stress Level value. This type of incident applies to all record types in ControlUp (Folders, Hosts, Computers, Sessions, Processes, Executables and Accounts). Choose this trigger to capture all types of performance issues, such as excessive resource consumption.
    • Windows Event – captures entries recorded in the operating system event logs of your managed computers. Select this trigger in order to record Windows event log entries for later analysis or troubleshooting.
    • Computer Down – this trigger is activated when a computer monitored by ControlUp becomes unavailable, for any reason.

      Note: incidents of this type are only recorded by ControlUp Monitor, because continuous monitoring is required in order to detect a “Computer Down” event and ControlUp Console is not intended for continuous monitoring.

    • Process Started – this trigger is activated when a process matching a defined set of criteria is started on any of the managed computers.
    • Process Ended– this trigger is activated when a process matching a defined set of criteria is terminated on any of the managed computers.
    • User Logged On – this trigger is activated when a user logs on to one of your managed computers.
    • User Logged Off– this trigger is activated when a user logs off from one of your managed computers.
    • Session State Changed – this trigger is activated when a user session’s state changes on one of your managed computers.

    Step 2: Configuring Incident Details

    For Stress Level triggers, configure the following details:

    • Record type – the kind of ControlUp record to which the trigger applies (Folder, Computer, Session, Process, Account or Executable).
    • Stress Level – the minimum Stress Level threshold to trigger the incident.
    • Duration – the minimum period during which the record needs to stay above the configured stress level.

    For Computer Down triggers, select one of the following reasons:

    • Shutdown
    • Agent down
    • Connection dismissed
    • Organization restriction
    • Unknown

    For Session State Changed triggers, configure the following details:

    • From State – the state of the user session before the change
    • To State – the state of the user session after the change

    Step 3: Adding Filtering Criteria

    For every trigger, you may configure an advanced filter using any combination of criteria, which will be evaluated against all the properties of the affected records. For example, you might want to to configure a Stress Level trigger which only captures the activity of processes with a certain name, or a Windows Event trigger which only captures specific event IDs.

    The Filter Editor is a window in which you can configure your criteria. This window is similar to the “Item Level Targeting” filter control used in Microsoft Windows Group Policy Management Console (GPMC), and uses the same logic.

    Note: when configuring search criteria on a string attribute, please note the following behavior of wildcards

    Search string Will match Will not match
    test test any string except “test”
    test* test1test1111test1111test111(or any other string in which “test” is followed by one or more characters) test1test111test(any string which ends with “test”)
    *test 1test111test1test1111test111(or any other string in which “test” is preceded by one or more characters) testtest1test111(any string which begins with “test”)

    Step 4: Configuring Trigger Scope and Schedule

    Using the Scope drop-down box you can select which folder the trigger applies to. The “Include all child folders” checkbox controls whether this settings applies to the entire folder structure under the selected folder. By default, any newly created trigger applies to the entire organization.

    The Schedule drop-down box allows you to select when an incident will be active. By default, any newly created triggers are active at all times (“All Days” schedule). Using the “Add New Schedule” option, you can define a new time pattern.

    Step 5: Adding Follow-up actions

    Every trigger may include one or more follow-up actions. The following actions are available:

    • Send an e-mail alert – delivers an e-mail with the incident details to the selected recipients. A valid recipient has to be a ControlUp user in your organization who has verified its e-mail address by activating their ControlUp account. This follow-up action uses ControlUp cloud services for the delivery of alerts and does not require a local mail server.
    • Send a mobile push notification – delivers an alert to your mobile devices using ControlUp Mobile Apps. For more information please refer to the Mobile Apps documentation page.
    • Dump view/s to disk – when the incident is triggered, this follow-up action will save the contents of the selected ControlUp views to the disk as a comma-delimited file.
    • Record an event in the Application Log – will create a new log entry in the Windows Application Log of the computer that detected the incident.
    • Play a sound alert in the console – if ControlUp console is open when the incident is detected, the console will play the selected sound file.
    • Send an e-mail alert using a local SMTP server – delivers an e-mail alert with the incident details to any number of valid e-mail addresses, via a user-configured SMTP server. This will occur only if your organization includes an active instance of ControlUp Monitor which has been configured with sufficient connection details and credentials to send messages using the SMTP server.

    Note: incidents will be recorded in your organization’s incidents database for later analysis, even if no follow-up actions are configured.

    Step 6: Set a name and description for the trigger

    A name and description will be automatically generated for every trigger. It is recommended that you review the name and description in order to ensure that you will be able to identify the trigger when you receive alerts or analyze incidents.

  • Schedule Settings

    The Schedule Settings tab of the Settings window enables ControlUp users to create and manage a list of predefined schedules which can be used with incident triggers and follow-up actions.

    Each configured entry in this list is a matrix of hours for each day of the week, specifying whether to enable incident recording for each time slot.

    To add a schedule entry, click Add Schedule. In the window shown, enter a name for your newly defined schedule (e.g. “All Week Except Saturday Downtime”), select timeslots using the mouse and choose between “Record Incident” and “Do not record incident” for every timeslot.

    After you commit the changes, your newly created schedule will be added to the list of schedules available for selection in two contexts:

    1. When configuring an incident trigger, you can choose a preconfigured schedule setting to restrict the incidents to the specified timeslot:
    2. When adding a follow-up action to an incident trigger (such as sending an email alert), the schedule will be used to determine whether or not to perform the follow-up action when the trigger is activated.
  • Monitors Settings

    This tab displays all ControlUp Monitor instances installed in your organization, while allowing you to review their current status, remove, stop, start or reconfigure existing Monitor instances, and to install new Monitor instances.

    For more information about installing and configuring ControlUp Monitor, please refer to the ControlUp Monitor chapter of this documentation.

  • Insights Access

    This settings tab defines the security restrictions and configurations applied to users accessing the ControlUp Insights portal.

    Two-factor authentication

    ControlUp Insights can be configured to send a secondary authentication code whenever a user provides a valid email / password combination on the sign-in page of the ControlUp Insights portal. The objective of this code is to enhance sign-in security by offering proof that the user attempting to sign into ControlUp Insights is indeed the legitimate owner of the user account. This option is disabled by default, which means that two-factor authentication is not required to sign in.

    When this option is enabled, ControlUp servers will send a numeric authentication code to the email address activated by the user after creating their ControlUp user account. Optionally, the secondary authentication code can also be delivered by using a mobile push notification to any mobile device on which ControlUp Mobile App was downloaded and activated.

    Portal sign-on restrictions

    This section allows you to configure two additional restrictions that are intended to enhance the security of ControlUp Insights sign-in process.

    One restriction is a list of email address suffixes (email domains), which can be validated to ensure that portal sign-in is granted exclusively to users who own a corporate email account. When used in tandem with two-factor authentication, this option further enhances the security of ControlUp Insights sign-in  by performing this verification every time a user signs into the portal.

    The second restriction is a list of source IP addresses against which ControlUp servers will validate the source public IP address from which ControlUp Insights portal is accessed. This option can be used in order to ensure that ControlUp Insights is always accessed from legitimate corporate locations.

    Single sign-on for Insights Access

    This mechanism is used to leverage your existing ControlUp credentials to sign you on automatically, without the need to provide a username and password. Single Sign-On is activated when the ControlUp Insights button on the Home ribbon is clicked. This setting allows for disabling the Single Sign-On mechanism and requiring all users to provide a valid email and password when signing in.

  • Branch Mapping

    This tab provides the ability to configure a list of IP subnets utilized on your network and map them to names of geographical locations, buildings or organizational branches. As a result of this configuration, ControlUp will be able to assign a source branch name to every user session and populate the “Branch Name” column with this name.

    For example, in an organization in which the New York office uses the 10.1.0.0/16 subnet and the Chicago office uses the 10.2.0.0/16 subnet, the mapping table should be configured to map those subnet addresses to the branch names. As a result, the Branch Name column of the sessions view will be populated with the value of “New York” for all user sessions established from client IP addresses in the 10.1.0.0/16 range, and with the value of “Chicago” for the 10.2.0.0/16 range.

    The list of subnets and branch names can be configured manually or imported using a CSV file by clicking the Import button. Here’s an example content of a supported CSV file for reference:

    Name,Site

    10.1.0.0/16,Chicago

    10.2.0.0/16,Chicago

    10.3.0.0/16,Amsterdam

    10.1.3.100-10.1.3.200,Servers Subnet

    10.1.4.111,Test Workstation

    If your Active Directory has subnet objects already linked to the sites representing the geographical topology of your organization, you can use the Active Directory Sites and Services to export a CSV file which can be imported directly into ControlUp. To do so, perform the following steps:

    1. Open Active Directory Sites and Services
    2. Expand the Sites container in the tree view
    3. Right-click the Subnets container and click Export List…
    4. Save the file as “Text (Comma Delimited) (*.csv)”
    5. Open the Branch Mapping tab of the Settings window in ControlUp
    6. Click Import
    7. Browse to the file exported in the steps above

    In case the client IP address does not belong to any of the subnets configured in the mapping table, the Branch Name column can be left empty or populated with a custom value. This behavior can be configured using the “Unrecognized IP Addresses” area in the Branch Mapping tab of the Settings window.

  • Data Upload Settings

    This tab provides access to settings that define how ControlUp uploads data to the cloud servers.

    Incidents Reporting

    The “Incidents Reporting” checkbox defines whether incident triggers defined in your ControlUp organization cause entries to be recorded in the cloud database. When this setting is enabled, ControlUp records an incident entry in the cloud Incidents database every time a condition is detected that matches one of the triggers defined in your organization. This enables for investigating past incidents using the Incidents pane, and for receiving alerts by email or by using the ControlUp Mobile App.

    This checkbox is checked by default. When this option is unchecked, incidents are not reported to the cloud, and all alerting and historical analysis of incidents are disabled.

    Insights Activity Data Upload

    The “Upload historical activity for display in ControlUp Insights” checkbox defines whether ControlUp Monitor instances in your organization upload activity data for the purpose of displaying reports in ControlUp Insights.

    This checkbox is checked by default. When this option is unchecked, no data will be uploaded to ControlUp Insights and no data will be shown in the reports.

    Upload Bandwidth Limit

    The “Upload bandwidth limit” area provides a means to configure a bandwidth limit for the activity data upload process. By default, upload bandwidth is unrestricted.

    The “Daily upload statistics” area provides the average and maximum volumes of data uploaded to the Insights portal.

    Upload Schedule

    The Upload Schedule dropdown enables for a schedule definition to be applied to the upload process. The schedule definition can be selected from a list of schedules created in the Schedule Settings tab of the settings window. By default, upload schedule is unrestricted, meaning that activity data is uploaded automatically as needed.

    Please note that restricting the upload schedule and limiting the upload bandwidth may cause ControlUp Insights to fail to display up-to-date information. In extreme cases, if schedule and bandwidth are insufficient to upload activity data in a timely manner, ControlUp might discard activity data which will cause report data to be lost permanently. Therefore, it is recommended that you consult with ControlUp Support before modifying those settings.

  • App Load Time

    An important measure of user experience is the amount of time it takes for user mode applications to initialize fully before their user interface becomes accessible (clickable) by the user. Applications that are slow to load may indicate system issues, resource bottlenecks, and user frustration.

    ControlUp has the ability to measure the time it takes any user-mode application to become available for the end user. This is an experimental feature that needs to be enabled and configured explicitly (for detailed instructions, see below). When configured, the application’s load time in seconds is displayed in the Processes view.

    By default, the list of monitored applications includes Microsoft Office applications, Internet Explorer and Google Chrome.

    In order to add an application for App Load Time monitoring, click on the Add Rule… button and provide the following parameters:

     

    • Process name/s, one per line - the name of the processes for which you would like to enable app load time monitoring. For every rule you create, it is recommended to enter process names that belong to a specific application or suite of applications, to enable for easier management of each application’s monitoring settings independently of other applications.

     

    Note : The parameters below are advanced settings with recommended default values. It is not recommended to modify those values without thoroughly testing the effect of those changes on your production workloads.

     

    • First sample after (default: 20 s, accepted values: 2-180 s) - determines how long after the process is started will ControlUp first try to assess the load time of the application. For applications that are particularly slow to load, this parameter may be increased.
    • Threshold sensitivity (default: 7, accepted values: 2-12) - determines the sensitivity of the algorithm that detects a decline in the rate of activity generated by the process. You can try lowering this value if ControlUp fails to detect an application that appears fully loaded from the user’s perspective.
    • Stop measuring after (default: 180 s, accepted values: 2-180 s) - when this period elapses after the process start time, ControlUp will stop timing the process load duration. Set this value to the maximum duration that you would like to wait for the process to load. This setting also determines the maximum value you will see in the App Load Time metrics in ControlUp.
    • Data Sample Interval (default 20 ms, accepted values 5-20 ms) - determines the precision of the mechanism (lower = more precise) and its demand for CPU cycles (lower = more CPU activity).
    • Include I/O rate (default: enabled) - determines whether ControlUp should consider I/O activity when determining application load time. If unchecked, ControlUp uses only the DLL load rate.

     For application load time troubleshooting, please refer to this article - Application Load Time

     

  • Advanced Settings

    This tab of the Settings Window defines performance management options that may help conserve system resources on the computer running the console. This can be achieved by configuring the following settings:

    Regulating the rate of performance updates

    ControlUp can be configured to pull performance updates from the managed computers instead of receiving push updates. This enables a degree of control over the number of updates received by the console, thus decreasing the amount of CPU cycles and RAM required in order to process updates.

    Note: It is recommended that you contact ControlUp Support before changing this setting. Our support engineers will suggest recommended values for the data collection parameters after assessing the size of your environment and the available resources.

    Disabling process views

    The Processes view is the most densely populated view in ControlUp, which may contain millions of records in large organizations. This setting enables you to disable updates for processes, which dramatically decreases the number of records which the console is required to process.

    When the “Disable process flat views” option is checked, the Processes, Accounts and Executables views will be disabled and their respective buttons in My Organization pane will be greyed out. This means that you will not be able to see all processes in your organization in a single flat list. However, even after disabling the Processes flat views, you can still view processes for an explicitly selected user session or computer. In addition, you will continue receiving alerts on process-related incidents via ControlUp Monitor Service.